Skip to main content

2E Web Option

1 CVEs product

Monthly

CVE-2014-1219 MEDIUM POC This Month

CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure 2E Web Option
NVD Exploit-DB
CVSS 2.0
5.1
EPSS
6.1%
EPSS 6% CVSS 5.1
MEDIUM POC This Month

CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure 2E Web Option
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy